﻿using System;
using System.Collections.Generic;
using System.Data.Entity;
using System.Linq;
using System.Web;
using System.Web.Mvc;
using System.Web.Security;
using WCLOnlineExam.Models;

namespace WCLOnlineExam.Controllers
{
    public class AccountController : EntityController
    {
            public AccountController(IEntityContextBuilder builder) : base(builder) {}

            

            public ActionResult Login()
            {
                return View();
            }

            [HttpPost]
            [Authorize]
            public ActionResult ChangPassword(string  password)
            {
                if (string.IsNullOrEmpty(password))
                {
                    Response.StatusCode = 400;
                    return Content("密码不能为空");
                }
                string username = ((User)Session["user"]).UserName;
                var context = EntityBuilder.GetContext<User>();
                User user = context.Query().SingleOrDefault(c => c.UserName == username);
                user.SetPassword(password);
                
                if (context.Edit(user)){
                    return new HttpStatusCodeResult(200);
                } 
                else{
                    Response.StatusCode = 400;
                    return Content("修改失败");
                }

                
            }

            [HttpPost]
            [Authorize]
            public ActionResult ChangInfo(string phone, string email)
            {
                string username = ((User)Session["user"]).UserName;
                var context = EntityBuilder.GetContext<User>();
                User user = context.Query().SingleOrDefault(c => c.UserName == username);
                user.Phone = phone;
                user.Email = email;
                
                if (context.Edit(user)){
                    Session["user"] = user;
                    return new HttpStatusCodeResult(200);
                } 
                else{
                    Response.StatusCode = 400;
                    return Content("修改失败");
                }

                
            }

            [HttpPost]
            public ActionResult Login(string username, string password)
            {
                if (string.IsNullOrEmpty(username))
                {
                    Response.StatusCode = 400;
                    return Content("用户名不能为空！");
                }
                if (string.IsNullOrEmpty(password))
                {
                    Response.StatusCode = 400;
                    return Content("密码不能为空！");
                }
                var context = EntityBuilder.GetContext<User>();
                User user = context.Query().SingleOrDefault(c => c.UserName == username);
                if (user == null)
                {
                    Response.StatusCode = 400;
                    return Content("用户不存在！");
                }
                if (!user.VerifyPassword(password))
                {
                    Response.StatusCode = 400;
                    return Content("密码错误！");
                }

                Session["user"] = user;

                Session["role"] = user.Group.Power.ToString();

                ComBoostAuthentication.SignIn(user.Index.ToString(), false);
                //FormsAuthentication.SetAuthCookie(usesr.Index.ToString(), false);
                return new HttpStatusCodeResult(200);
            }

            [Authorize]
            public ActionResult Logout()
            {
                ComBoostAuthentication.SignOut();
                Session.Clear();
                return RedirectToAction("Login");
            }
        }
	
}